Tag Archives: mls

6500 and 7600 series devices are designed and utilised to handle a large amount of packet data. Netflow sampling on a busy core or edge router in any setup can place a huge unwanted load on supervisor CPU’s. The below netflow configuration allows the ability to create an accurate measurement based on a single packet from a flow. So, from 1 single packet the remainder of a flow can be analysed and recorded.

Finally, you should enable ‘mls’ as the above configuration is for the MSFC only:

core2(config)#mls netflow
This enables the sending of mls netflow data
core2(config)#mls nde sender version 5
This will ensure more accurate statistics by setting a longer age time before a flow is ended
core2(config)#mls aging long 64
core2(config)#mls aging normal 32

The below will ensure that all necessary data regarding a flow is exported, i.e. source, destination, vlan etc. This will also configure sampling as previously mentioned in this article reducing CPU utilisation on your edge and core devices.

I recently updated a 7200 series router to a 7600 series – quite a big change. The config used was exactly the same and I couldn’t for the life of me work out why netflow was showing such a small amount of traffic. In short it turns out you need to enable something called NDE (Netflow Data Export). Without this enabled the router will only export flows for the MSFC which is mainly management traffic.

All you need to add is the following line in addition to the normal flow export lines: